JUNIOR IT SECURITY ANALYST - TEMP

At Cary, an exceptional opportunity as a Junior IT Security Analyst awaits a candidate that is deeply invested and enthusiastic about cybersecurity! This role allows you to gain valuable experience while contributing to a growing cybersecurity team. The ideal candidate will assist in monitoring, detecting, analyzing, and responding to security events and incidents across our systems and networks. You will play a key role in safeguarding our organization's digital assets and ensuring compliance with security policies and best practices. By joining our organization, you will make a meaningful impact and be a part of a community that prioritizes innovation, collaboration, and excellence! 

Location: Onsite at Cary Town Hall
Hours: 20 hours per week

Applicants must be available to work between May through August 2025.

This is a part-time, non-benefited, position, up to 20 hours a week, with a maximum of 999 hours per year.Security Operations:

• Support monitoring efforts by using security tools (e.g., SIEM, XDR) to help identify potential security incidents, unauthorized access attempts, or unusual network behavior. Escalate findings to senior team members as needed.
• Assist in the review of security alerts, working under the guidance of senior analysts to understand threat patterns and contribute to initial investigation steps.
• Help document incidents and investigations, including maintaining accurate records of what occurred, actions taken, and remediation steps, to support compliance and future reference.

Governance, Risk and Compliance

• Collaborate with the IT Security Team to gather insights and contribute to the development and delivery of the organization’s Security Awareness Program.
• Help conduct security audits to assess the organization's compliance with applicable laws, regulations, and industry standards.
• Support conducting risk assessments to identify potential vulnerabilities and threats to the Town’s systems, networks, and data.
• Assist in compiling and organizing security metrics to support evaluations of operational efficiency, risk posture, and the cost-effectiveness of security initiatives.

Security Engineering:

• Assist in maintaining and monitoring security tools such as firewalls, IDS/IPS, endpoint protection, and vulnerability scanners, escalating issues as needed.
• Support system hardening and secure configuration efforts, including applying security baselines, tracking patch deployments, and identifying misconfigurations.
• Contribute to access control and identity management, helping review user permissions and enforce least privilege policies across systems.

Customer Service:

• Collaborate with IT teams to ensure consistent messaging and quick resolution of security-related tickets.
• Contribute to the communication of security incidents or policy changes to affected teams in a professional and understandable manner.
• Assist with onboarding and training users on security best practices, including password policies, phishing awareness, and safe data handling procedures.

The ideal candidate possesses a foundational understanding of computer networks, operating systems, and core cybersecurity principles. Familiarity with common cyber threats—such as phishing, malware, and social engineering—as well as basic knowledge of industry standards and frameworks (e.g., NIST or CIS Controls) is preferred. Candidates should be comfortable navigating operating systems such as Windows or macOS and have a basic ability to interpret system logs or troubleshoot simple issues. Introductory experience with scripting or programming languages (such as Python or PowerShell) is considered a plus, though not required. Strong analytical skills, attention to detail, and a proactive, inquisitive mindset are essential. The candidate should be capable of working both independently and collaboratively, demonstrating a willingness to ask questions and engage in continuous learning within a professional environment.

• Requires enrollment in or recent graduation from a college/university with a degree in Cybersecurity, Information Technology, Computer Science, or a related field. Recent graduation is defined as graduation in or after December 2024.
  • Must attach a current transcript to your application in PDF format (10MB limit) that displays a list of Cybersecurity, information technology, computer science, or related classes that you have completed or are currently enrolled in.
• Must have at least one cybersecurity related certification (ex: Security , CySA , etc.).
• Must have considerable experience and knowledge of incident response, social engineering, zero trust, asset management, and security operations.
• Must have considerable experience with operating systems (Windows/MacOS) and basic networking concepts (e.g., IP, DNS, ports, protocols.)
• Must have a willingness to learn both technical and policy aspects of cybersecurity and contribute to a variety of project types.

Preferred Qualifications:

• Foundational understanding of cybersecurity principles, including both technical controls (e.g., firewalls, encryption) and policy-driven frameworks (e.g., NIST, ISO 27001, or CIS Controls.)
• Exposure to basic technical tools and practices—such as analyzing logs, running vulnerability scans, or using platforms like Wireshark or Nessus.
• Awareness of governance and compliance concepts like risk assessments, security policies, access controls, and data classification.
• Experience with or interest in scripting (Python, PowerShell, or Bash) and using Microsoft Office products for documentation and tracking.

Conditions of Employment:

• Requires a valid driver’s license with an acceptable driving record.
• Requires drug testing and background check (which may include criminal check, education verification and credit history review) prior to employment.

Salary : $18 - $25